Technical add-on for Splunk related to TheHive/Cortex from TheHive project
☆54 · Sep 16, 2025 · Updated 5 months ago
Alternatives and similar repositories for TA-thehive-cortex
Users that are interested in TA-thehive-cortex are comparing it to the libraries listed below
- A curated list of awesome things related to TheHive & Cortex ☆185 · Oct 9, 2021 · Updated 4 years ago
- A Splunk app to use MISP in background ☆113 · Jan 8, 2026 · Updated last month
- TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response ☆13 · Jul 13, 2020 · Updated 5 years ago
- Converts Netwitness log parser configuration to Logstash configuration ☆20 · Sep 10, 2020 · Updated 5 years ago
- Feed Generator for MISP ☆19 · Nov 2, 2022 · Updated 3 years ago
- A few quick recipes for those that do not have much time during the day ☆22 · Oct 28, 2024 · Updated last year
- Documentation used for Shuffle ☆21 · Updated this week
- Klara docker compose ☆11 · May 19, 2020 · Updated 5 years ago
- Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1) ☆24 · Mar 3, 2023 · Updated 3 years ago
- A collection of tips for using MISP. ☆76 · Dec 11, 2024 · Updated last year
- ☆15 · Sep 24, 2024 · Updated last year
- Cortex Analyzers Repository ☆476 · Feb 26, 2026 · Updated last week
- Dettectinator - The Python library to your DeTT&CT YAML files. ☆118 · Jan 22, 2026 · Updated last month
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs ☆785 · Feb 22, 2026 · Updated last week
- Converts Sigma detection rules to a Splunk alert configuration. ☆115 · May 18, 2020 · Updated 5 years ago
- Azure function to insert MISP data in to Azure Sentinel ☆34 · Oct 19, 2022 · Updated 3 years ago
- Converts Sigma detection rules to a Splunk alert configuration. ☆12 · Jul 1, 2021 · Updated 4 years ago
- OSSEM Detection Model ☆183 · Oct 11, 2022 · Updated 3 years ago
- Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert ☆37 · Nov 9, 2022 · Updated 3 years ago
- ☆15 · Nov 22, 2022 · Updated 3 years ago
- MISP to Splunk Enterprise Security Threat Intelligence Framework Integration ☆14 · Jul 11, 2023 · Updated 2 years ago
- Splunk Technology-AddOn for Aurora Sigma-Based EDR Agent. It helps parse and configure the necessary inputs to neatly consume Aurora EDR … ☆13 · Sep 27, 2022 · Updated 3 years ago
- Docker configurations for TheHive, Cortex and 3rd party tools ☆129 · Jan 9, 2023 · Updated 3 years ago
- Cybersecurity Incidents Mind Maps ☆34 · Sep 29, 2021 · Updated 4 years ago
- A knowledge base of actionable Incident Response techniques ☆662 · May 31, 2022 · Updated 3 years ago
- This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup… ☆15 · Sep 5, 2020 · Updated 5 years ago
- Easy way to create a MISP event related to a Phishing page ☆17 · May 31, 2023 · Updated 2 years ago
- ☆21 · Nov 19, 2025 · Updated 3 months ago
- This module installs and configures MISP (Malware Information Sharing Platform) ☆14 · Dec 29, 2025 · Updated 2 months ago
- Community modules for CAPE Sandbox ☆111 · Feb 24, 2026 · Updated last week
- The Volatility Collaborative GUI ☆265 · Feb 11, 2026 · Updated 3 weeks ago
- Hikeshi is a security incident response application that keeps documenting incidents simple, so you can focus on fighting fires. ☆21 · Mar 6, 2023 · Updated 2 years ago
- Atlassian JIRA add-on for Splunk alert actions ☆15 · Dec 2, 2025 · Updated 3 months ago
- Ansible role to install auditbeat for security monitoring. (Ruleset included) ☆15 · Nov 16, 2023 · Updated 2 years ago
- pySigma Splunk backend ☆41 · Updated this week
- SIEGMA - Transform Sigma rules into SIEM consumables ☆159 · Mar 10, 2025 · Updated 11 months ago
- Reads and prints information from the website MalAPI.io ☆39 · Jan 18, 2022 · Updated 4 years ago
- *Unofficial* Helm chart for TheHive ☆17 · Aug 26, 2022 · Updated 3 years ago
- Repository of public reference frameworks for the DFIR community. ☆122 · Jul 4, 2023 · Updated 2 years ago